The IRS is warning tax professionals of early signs that cybercriminals already are at work
as the nation's tax season approaches. Fraudsters are using a new round of emails posing as potential clients or even the IRS to trick tax practitioners into disclosing sensitive
information.

The IRS encourages tax practitioners to be wary of communicating solely by email with
potential or even existing clients, especially if unusual requests are made. If in doubt, tax
practitioners should call to confirm a client's identity.

In recent days, tax professionals have reported numerous attempts by fraudsters to pierce
their security by posing as potential clients. The fraudsters, posing as potential clients,
send initial emails to tax practitioners. In recent days, the IRS has seen these early variations of these email schemes:
- "Happy new year to you and yours. I want you to help us file our tax return this year as
our previous CPA/account passed away in October. How much will this cost us?...hope
to hear from you soon."
- "Please kindly look into this issue, A friend of mine introduced you to me, regarding
the job you did for him on his 2017 tax. I tried to reach you by phone earlier today but it
was not connecting, attach is my information needed for my tax to be filed if you need
any more Details please feel free to contact me as soon as possible and also send me
your direct Tel-number to rich (sic) you on."
- "I got your details from the directory. I would like you to help me process my tax. Please
get back to me asap so I can forward my details."

If the tax practitioner responds, the fraudster will send a second email that contains either a phishing URL or an attached document that contains a phishing URL, claiming
their tax data is enclosed. The fraudster wants the tax pro to click on the link or attachment and then enter their credentials. In some cases, the URL or attachment might be
malicious and if clicked will download malicious software onto the tax pro's computer.

Depending on the malware involved, this scheme could give fraudsters access to the tax
practitioners' secure accounts or sensitive data. It may even give the fraudster remote
control of the tax professionals' computers.

The IRS also has received recent reports of fraudsters again posing as IRS e-Services,
asking tax pros to sign into their accounts and providing a disguised link. The link, however, sends tax pros to a fake e-Services site that steals their usernames and passwords.

This type of scam is one of the reasons the IRS has moved e-Services to the more secure
identity-proofing process called Secure Access. It is important that all e-Services account
holders upgrade their accounts to this more rigorous authentication process. E-Services
account holders who have not updated their accounts should do so immediately.

Tax practitioners receiving emails from fraudsters posing as the IRS, or even their tax
software provider, should go directly to the main website, such as IRS.gov, rather than
opening any links or attachments. Forward attempted phishing emails to phishing@irs.
gov. The IRS does not send unsolicited emails.